<?php
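class setupController extends action{

	/** @var array|null First row of the msgsetup table, loaded by getMsgSetup(). */
	private $setup;
	/** @var object Model returned by $this->M('msgsetup'); reused by saveSetup(). */
	private $obj;

	/**
	 * Loads the login controller, enforces an authenticated session and
	 * preloads the current message-board settings into $this->setup.
	 */
	public function __construct() {
		parent::__construct();
		$this->loadCtl('login','login');
		// presumably redirects or exits when the admin is not logged in — confirm in loginController
		loginController::chkLogin();
		$this->getMsgSetup();
	}

	/**
	 * Renders the settings form together with a fresh, unguessable CSRF token.
	 */
	function index(){
		$this->Template();
		$this->assign('title','留言板设置');
		$this->assign('setup',$this->setup);
		// The token must be unpredictable: md5(time().'naryn') could be
		// recomputed by anyone who knew the salt and the second it was issued.
		// random_bytes() requires PHP 7.0+ (or a random_compat polyfill).
		$_SESSION['formkey'] = bin2hex(random_bytes(16));
		$this->assign('formkey',$_SESSION['formkey']);
		$this->display('setup');
	}

	/**
	 * Persists the posted settings for the row selected by Pid.
	 *
	 * The request is rejected unless the posted formkey matches the session
	 * token; a missing or empty token never matches, and the comparison is
	 * constant-time. The token is consumed so a replayed form is refused.
	 */
	function saveSetup(){
		$expected = isset($_SESSION['formkey']) ? (string) $_SESSION['formkey'] : '';
		$given = isset($_POST['formkey']) ? (string) $_POST['formkey'] : '';
		// The former loose `!=` treated two absent keys as equal (null != null is false),
		// so a request with no token at all passed the check.
		if ($expected === '' || !hash_equals($expected, $given)){
			$this->error('Invalid form !');
			return; // defensive: do not fall through if error() does not exit
		}
		// Single use: index() issues a new token on the next render.
		unset($_SESSION['formkey']);

		$data = array();
		// Unchecked checkboxes are absent from $_POST; isset() avoids the notice.
		$data['msg_activate'] = (isset($_POST['activate']) && $_POST['activate'] === 'on') ? 1 : 0;
		$data['msg_view'] = (isset($_POST['view']) && $_POST['view'] === 'on') ? 1 : 0;
		$data['msg_num'] = isset($_POST['num']) ? intval($_POST['num']) : 0;
		$data['msg_length'] = isset($_POST['length']) ? intval($_POST['length']) : 0;
		$data['msg_badword'] = $this->strip_str(isset($_POST['badword']) ? $_POST['badword'] : '');
		$Pid = isset($_POST['Pid']) ? intval($_POST['Pid']) : 0;

		// $Pid is an integer, so interpolating it into the WHERE clause cannot
		// inject; keep the cast if this ever accepts a non-integer key.
		$r = $this->obj->update($data , " where Pid = $Pid");
		if ($r){
			$this->success('Save success !','?g=admin&c=setup');
		}else{
			$this->error('Save failed !','?g=admin&c=setup');
		}
	}

	/**
	 * Reads the first msgsetup row from the database and caches both the row
	 * and the model on the instance.
	 *
	 * A configuration file could be consulted first and the database used as
	 * a fallback; for now the settings are read from the database only.
	 *
	 * @return array|null The first row, or null when the table is empty.
	 */
	private function getMsgSetup(){
		$obj = $this->M('msgsetup');
		$result = $obj->limit('','','limit 0,1');
		// An empty result must not raise an undefined-offset notice.
		$row = (is_array($result) && isset($result[0])) ? $result[0] : null;
		$this->setup = $row;
		$this->obj = $obj;
		return $row;
	}

	/**
	 * Normalises the bad-word list before storage: undoes backslash escapes,
	 * removes HTML tags and drops both kinds of quote character.
	 *
	 * @param string|null $str
	 * @return string
	 */
	private function strip_str($str){
		$str = (string) $str; // strip_tags(null) is deprecated on PHP 8.1+
		// NOTE(review): stripcslashes() decodes C escapes (\n, \x41, ...); if the intent
		// was only to undo magic-quotes escaping, stripslashes() is the usual call — confirm.
		$str = stripcslashes($str);
		$str = strip_tags($str);
		return str_replace(array('"', '\''), '', $str);
	}

}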
